Signed request string of Expo.Facebook.logInWithReadPermissionsAsync

In the Javascript version of Facebook SDK for web development, when a user is logged in Facebook, I’ll get the user access token and a signed request string. The signed request string helps verify the correctness of the token at my backend:

FB.getLoginStatus(function(response) {
if (response.status === ‘connected’) {

When using Expo.Facebook.logInWithReadPermissionsAsync, there seems no such mechanism to ensure the correctness of access token. Do we always trust the result and store these data at backend?


1 Like

There is no signed request we get back. This is the result that Facebook provides:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.